What detectors identify abnormal unusual behavior on a host or network?

A.
None of the choices.

B.
Legitimate detectors.

C.
Anomaly detectors.

D.
Normal detectors.

Explanation:
Anomaly detectors identify abnormal unusual behavior (anomalies) on a host or network.
They function on the assumption that attacks are different from “normal” (legitimate)
activity and can therefore be detected by systems that identify these differences.
Anomaly detectors construct profiles representing normal behavior of users, hosts, or
network connections. These profiles are constructed from historical data collected over
a period of normal operation. The detectors then collect event data and use a variety
of measures to determine when monitored activity deviates from the norm.